CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated) 92,635 people reacted CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated) By Haozhe Zhang, Ken Hsu, Tao Yan, Qi Deng and Robert Falcone March 31, 2022 at 4:30 PM 61 12 min. read
Threat Brief: Ongoing Russia and Ukraine Cyber Conflict 62,833 people reacted Threat Brief: Ongoing Russia and Ukraine Cyber Conflict By Robert Falcone, Mike Harbison and Josh Grunzweig January 20, 2022 at 12:30 PM 37 8 min. read
Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated) 282,243 people reacted Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated) By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone December 10, 2021 at 1:00 PM 438 15 min. read
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus 56,115 people reacted APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus By Robert Falcone and Peter Renals December 2, 2021 at 6:00 AM 17 10 min. read
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer 94,021 people reacted Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer By Robert Falcone, Jeff White and Peter Renals November 7, 2021 at 6:00 PM 48 18 min. read
Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools 46,962 people reacted Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools By Robert Falcone, Alex Hinchliffe and Quinn Cooke July 15, 2021 at 3:00 AM 12 23 min. read
New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl) 40,036 people reacted New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl) By Robert Falcone and Simon Conant April 29, 2021 at 12:01 AM 14 9 min. read
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials 34,660 people reacted Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials By Robert Falcone April 15, 2021 at 6:00 AM 9 8 min. read
xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement 43,662 people reacted xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement By Robert Falcone January 11, 2021 at 12:01 AM 10 25 min. read
Threat Assessment: Egregor Ransomware 34,382 people reacted Threat Assessment: Egregor Ransomware By Doel Santos, Brittany Barbehenn and Robert Falcone December 8, 2020 at 6:00 PM 14 5 min. read
xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control 40,158 people reacted xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control By Robert Falcone November 9, 2020 at 12:00 AM 17 12 min. read
Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa 54,315 people reacted Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa By Robert Falcone September 4, 2020 at 6:00 AM 8 13 min. read
Threat Assessment: WastedLocker Ransomware 41,045 people reacted Threat Assessment: WastedLocker Ransomware By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone July 30, 2020 at 6:00 AM 14 4 min. read
OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory 52,139 people reacted OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory By Robert Falcone July 22, 2020 at 6:00 AM 16 18 min. read
Updated BackConfig Malware Targeting Government and Military Organizations in South Asia 71,479 people reacted Updated BackConfig Malware Targeting Government and Military Organizations in South Asia By Alex Hinchliffe and Robert Falcone May 11, 2020 at 9:30 PM 10 16 min. read
